Firmware Tpm

TPM Security: What You Need to Know for Surface Devices and Windows PCs

Understanding TPM

A Trusted Platform Module (TPM) enhances the security of your PC by securely generating and storing encryption keys for services like BitLocker drive encryption and Windows Hello. It provides an extra layer of protection against unauthorized access to sensitive data.

Enabling TPM

TPM settings are managed through the UEFI BIOS (PC firmware) and vary by device. Typically, you can access these settings by pressing a specific key during device startup. Consult your device manufacturer's documentation for specific instructions.

Alternatives to Physical TPMs

Microsoft TPMs offer an alternative to traditional hardware-based TPMs. They run the TPM within the trusted execution mode of the general-purpose computation unit. Microsoft Windows uses compatible TPMs in the same way.

TPM Requirements

Since July 2016, Microsoft has required TPM 2.0 for Windows 10 PCs. Devices without TPM may not be able to enjoy the full benefits of Windows features and updates.

Note: Certain Surface devices may have specific TPM issues. Refer to Microsoft's Security issue for TPM on Surface devices for more information.